syzbot

panic: pool_do_put: mbufpl: double pool_put: 0xffffff0071454300
Stopped at      db_enter+0xa:   popq    %rbp
    TID    PID    UID     PRFLAGS     PFLAGS  CPU  COMMAND
*209936  85149      0           0  0x4000000    0  syz-executor1
db_enter() at db_enter+0xa
panic() at panic+0x147
pool_do_put(ffffff0071454300,ffffffff81ecbc58) at pool_do_put+0x2e2
pool_put(b5879742ae4ca728,ffffff0071454300) at pool_put+0x37
m_free(ffffff0071454300) at m_free+0x12c
m_freem(16) at m_freem+0x2d
soreceive(0,ffffff006f2eba80,ffff800021138110,465,ffff8000211381a0,ffff8000211380b0) at soreceive+0x1131
recvit(ffff8000211381d0,ffff8000211382d8,ffff8000211382c0,ffff8000ffff72d8,0) at recvit+0x28c
sys_recvmsg(ffff800021138360,ffff8000ffff72d8,ffff80002105f330) at sys_recvmsg+0x120
syscall(0) at syscall+0x3e4
Xsyscall(6,0,ffffffffffffffbf,0,3,4d569c8b010) at Xsyscall+0x128
end of kernel
end trace frame: 0x4d7d25b1080, count: 4
https://www.openbsd.org/ddb.html describes the minimum info required in bug
reports.  Insufficient info makes it difficult to find and fix bugs.
ddb> 
ddb> set $lines = 0
ddb> show panic
pool_do_put: mbufpl: double pool_put: 0xffffff0071454300
ddb> trace
db_enter() at db_enter+0xa
panic() at panic+0x147
pool_do_put(ffffff0071454300,ffffffff81ecbc58) at pool_do_put+0x2e2
pool_put(b5879742ae4ca728,ffffff0071454300) at pool_put+0x37
m_free(ffffff0071454300) at m_free+0x12c
m_freem(16) at m_freem+0x2d
soreceive(0,ffffff006f2eba80,ffff800021138110,465,ffff8000211381a0,ffff8000211380b0) at soreceive+0x1131
recvit(ffff8000211381d0,ffff8000211382d8,ffff8000211382c0,ffff8000ffff72d8,0) at recvit+0x28c
sys_recvmsg(ffff800021138360,ffff8000ffff72d8,ffff80002105f330) at sys_recvmsg+0x120
syscall(0) at syscall+0x3e4
Xsyscall(6,0,ffffffffffffffbf,0,3,4d569c8b010) at Xsyscall+0x128
end of kernel
end trace frame: 0x4d7d25b1080, count: -11
ddb> show registers
rdi               0xffffffff81e10dd8    kprintf_mutex
rsi               0xffffffff81679b89    db_enter+0x9
rbp               0xffff800021137e30
rbx               0xffff800021137ed0
rdx               0xffff800001ccf000
rcx                           0x1d99    __ALIGN_SIZE+0xd99
rax               0xffff800001ccf000
r8                0xffff800021137e00
r9                0x8080808080808080
r10               0xb5879742ae4ca728
r11               0xffffffff8174f9a0    x86_bus_space_io_read_1
r12                     0x3000000008
r13               0xffff800021137e40
r14                            0x100
r15               0xffffffff81c3c06c    cy_pio_rec+0x4090
rip               0xffffffff81679b8a    db_enter+0xa
cs                               0x8
rflags                         0x206
rsp               0xffff800021137e30
ss                              0x10
db_enter+0xa:   popq    %rbp
ddb> show proc
PROC (syz-executor1) pid=209936 stat=onproc
    flags process=0 proc=4000000<THREAD>
    pri=82, usrpri=82, nice=20
    forw=0xffffffffffffffff, list=0xffff8000ffff7530,0xffffffff81eafaa0
    process=0xffff80002105f330 user=0xffff800021133000, vmspace=0xffffff007f12ba50
    estcpu=36, cpticks=0, pctcpu=0.0
    user=0, sys=0, intr=0
ddb> ps
   PID     TID   PPID    UID  S       FLAGS  WAIT          COMMAND
 85149  381860   6110      0  2           0                syz-executor1
*85149  209936   6110      0  7   0x4000000                syz-executor1
 50409  456716  73839      0  2           0                syz-executor0
 50409  277522  73839      0  3   0x4000080  ttyout        syz-executor0
 50409    7149  73839      0  3   0x4000080  fsleep        syz-executor0
 68891  291675      1      0  3    0x100083  ttyin         getty
 70646  114759      0      0  3     0x14200  bored         sosplice
 73839  478944  40031      0  3        0x82  nanosleep     syz-executor0
  6110  395805  40031      0  3        0x82  nanosleep     syz-executor1
 40031  198781  49716      0  3        0x82  thrsleep      syz-fuzzer
 40031  329813  49716      0  3   0x4000082  thrsleep      syz-fuzzer
 40031  170632  49716      0  3   0x4000082  thrsleep      syz-fuzzer
 40031   98965  49716      0  3   0x4000082  thrsleep      syz-fuzzer
 40031  101748  49716      0  3   0x4000082  kqread        syz-fuzzer
 40031  212649  49716      0  3   0x4000082  thrsleep      syz-fuzzer
 40031  475432  49716      0  3   0x4000082  thrsleep      syz-fuzzer
 49716  350810  73936      0  3    0x10008a  pause         ksh
 73936  278858  58343      0  3        0x92  select        sshd
 58343  429682      1      0  3        0x80  select        sshd
 32320   49679  13208     73  3    0x100090  kqread        syslogd
 13208   49599      1      0  3    0x100082  netio         syslogd
 56410   18858      1     77  3    0x100090  poll          dhclient
 87700  345552      1      0  3        0x80  poll          dhclient
 85141   23883      0      0  2     0x14200                zerothread
 33277  209903      0      0  3     0x14200  aiodoned      aiodoned
 42922   15850      0      0  3     0x14200  syncer        update
 70097  385470      0      0  3     0x14200  cleaner       cleaner
 24820  464015      0      0  3     0x14200  reaper        reaper
 29558  221422      0      0  3     0x14200  pgdaemon      pagedaemon
 96048   16202      0      0  3     0x14200  bored         crynlk
 73491  480118      0      0  3     0x14200  bored         crypto
 24999  191370      0      0  3  0x40014200  acpi0         acpi0
 35409  357770      0      0  3     0x14200  bored         softnet
 47509  492519      0      0  3     0x14200  bored         systqmp
 51323  300057      0      0  3     0x14200  bored         systq
 54697  215453      0      0  3  0x40014200  bored         softclock
 52412  416270      0      0  3  0x40014200                idle0
     1  243624      0      0  3        0x82  wait          init
     0       0     -1      0  3     0x10200  scheduler     swapper